[LINK] Gumtree
Scott Howard
scott at doc.net.au
Mon Jun 30 02:45:31 AEST 2014
On Sun, Jun 29, 2014 at 8:38 AM, Rick Welykochy <rick at vitendo.ca> wrote:
> I think the google may be protesting too much. If you follow the links
> for the two sites listed, i.e. /*zamcheck.org/ <
> http://www.google.com/safebrowsing/diagnostic?site=zamcheck.org/>*//*,
> *//*indolocker.com/
> <http://www.google.com/safebrowsing/diagnostic?site=indolocker.com/
> >*//*,*/
> no malicious code is reported, i.e. for zamcheck.org:
>
You stopped reading too soon. Further down on that page you'll find :
Has this site hosted malware?
Yes, this site has hosted malicious software over the past 90 days. It
infected 267 domain(s), including gumtree.com.au/, dailymotion.com/,
mangapanda.com/.
Do basically someone is putting HTML on gumtree that loads something (eg,
javascript code, an exe, etc) from zamcheck.org in order to infect a client
machine.
zamcheck.org itself shows 0 pages infected, as no actual HTML pages on that
site have been detected that contain malicious code.
The upshot of all of this is (if Google is to be believed, and as a rule
they are), going to Gumtree can potentially lead to you being infected with
something. So they block it.
It's not just Gumtree being hit by this over the past few days, there's a
lot of sites being redirected to the same 2 sites. Talk is that it's via
an advertising network being abused and not the actual sites themselves,
but I haven't looked close enough to be sure.
Scott
More information about the Link
mailing list